[Pkg-owncloud-maintainers] Bug#699441: [Secure-testing-team] Bug#699441: owncloud: Multiple security issues in owncloud
Salvatore Bonaccorso
carnil at debian.org
Thu Jan 31 14:37:02 UTC 2013
Control: merge 698737 699441
Hi John
On Thu, Jan 31, 2013 at 07:25:38AM -0600, John Goerzen wrote:
> Package: owncloud
> Version: 4.0.4debian2-3.2
> Severity: grave
> Tags: security
> Justification: user security hole
>
> The version of owncloud in both testing and unstable contains security
> holes.
>
> http://owncloud.org/changelog/ has details. Upstream versions 4.0.11
> and 4.5.6 fixed:
>
> * Security: Fix multiple XSS problems: CVE-2013-0201, CVE-2013-0202, CVE-2013-0203
> * Security: Removed remoteStorage app because of unfixed security problems.
Yes, owncloud fixing these is in the delayed queue:
See: http://bugs.debian.org/698737
Regards,
Salvatore
More information about the Pkg-owncloud-maintainers
mailing list